To better understand Managed File Transfer (MFT), it’s useful to review actual use cases. I think of the City of Guelph as a prime example of what prompts organisations to migrate from simple consumer-grade Enterprise File Sync and Share (EFSS) for file transfer to more robust and secure MFT.

A growing number of organisations are fighting an age-old battle – just using new weapons. With easy access to web-based tools for sharing files, employees often circumvent sanctioned means of transferring files in the workplace. This causes IT all kinds of headaches. But it can lead to even bigger problems for the organisation, especially when the files being transferred are highly confidential in nature. This is a key reason many organisations are driven to look at MFT systems. MFT provides better visibility and control, primarily to meet the demands of regulatory compliance. It satisfies the need for comprehensive reporting and the ability to set business rules around who, or what systems, can send and receive files and when. In other words, it provides the “M” in MFT—the file management capabilities lacking in consumer-grade EFSS tools. This was why the City of Guelph adopted MFT.

The City of Guelph – a government agency in southwestern Ontario – had long used simple FTP to protect contracts, workplace safety documents, staff information, employment information, and citizen data. But over time, more and more city employees needed to transfer confidential files. According to Shibu Pillai, Technology Services, City of Guelph “Every day, we’re transferring important, highly sensitive documents: contracts, citizen information, and CAD (Computer Aided Drawing) files.” And like many government agencies, the city needs to safeguard confidential information and satisfy information privacy requirements.

Many city employees turned to consumer-oriented, non-secure file transfer sites freely accessible via the web for these ad hoc file transfers. It’s no surprise that employees are attracted to these tools – they’re incredibly convenient. But by using them, they can put their organisations in a bad position. That was the case with the City of Guelph: employee use of these sites put the city at risk of violating Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) and Personal Health Information Privacy Act (PHIPA) requirements. And those staff members that were not using these unsanctioned sites were putting a strain on the city’s infrastructure by sending large files up to 20 MB via city email servers.

By migrating from FTP to a managed file transfer system, the City of Guelph was able to address both of these issues. Specifically, it now:

Has a productive environment for sending files

Securely sends large files

Reduces the burden on its email systems

Reduces storage costs

Saves IT staff time

Meets MFIPPA and PHIPA privacy requirements

Is PCI-compliant with respect to any credit card payments made for the city’s services